In an earlier blog post I wrote about how [w]hen your company has a data breach, these are the top 3 questions that you will be required to answer: How did the breach happen? What steps did your company take before the breach to protect the data and keep it from happening? What steps is…
Tag: Data Breach Response
3 Important Questions Your Company Must Answer After A Data Breach
Riddle: What has sensitive data, is the target of cyber criminals, and will (almost certainly) have a data breach? Answer: YOUR COMPANY! When your company has a data breach, these are the top 3 questions that you will be required to answer: How did the breach happen? What steps did your company take before the breach…
The SEC Will Begin Looking at Companies’ IT Security and Data Breach Response Policies
THE POINT: Recent statements from the SEC indicate that the new standard of care for companies may require policies in place for (1) prevention, detection, and response to cyber attacks and data breaches, (2) IT training focused on security, and (3) vendor access to company systems and vendor due diligence. Do you still think your…
Data Security Involves Human Behavior and, Therefore, Is More an Art, Than a Science
I have recently written of how data breach responses and response plans cannot be one-size-fits-all and must be tailored to the unique needs of the company involved, as well as its culture. That is, they must be tailored to fit a company of humans dealing with humans. This morning I read an article that discusses…
Executives – Are You Ready to Lead Your Company Through a Data Breach?
I have handled several data breach incidents for clients as their breach response counsel and, while we have an effective process to implement to help keep clients out of legal hot water, that really is not the most important aspect of handling the incident. The most important issue is how the incident will impact the…
Texas’ Amended Data Breach Notification Law
Texas amended its existing data breach notification law which became effective on September 1, 2012. The relevant section of the law is titled “Notification Required Following Breach of Security of Computerized Data” and is found at Section 521.053 of the Texas Business and Commerce Code. The main body of the law provides as follows: (b) A…
Data Breach – Who’s Gonna Get It?
The message–that’s what I’m talking about–who’s gonna get the message first? Data breaches, hacking, and privacy are one of the biggest news stories for 2011 and we are just just barely through the first half of the year. By now even the most zoned-out among us should have heard of the hacking that led to…